Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site lsuc.UUCP
Path: utzoo!lsuc!dave
From: dave@lsuc.UUCP (David Sherman)
Newsgroups: net.news.adm,net.news.sa,net.sources.d
Subject: Re: Beware of Blindly Un-SHARing a File
Message-ID: <1187@lsuc.UUCP>
Date: Sun, 20-Apr-86 08:52:21 EST
Article-I.D.: lsuc.1187
Posted: Sun Apr 20 08:52:21 1986
Date-Received: Sun, 20-Apr-86 16:32:19 EST
References: <947@kitty.UUCP> <2407@prls.UUCP> <1439@garfield.columbia.edu> <2555@utcsri.UUCP> <2511@teddy.UUCP>
Reply-To: dave@lsuc.UUCP (David Sherman)
Organization: Law Society of Upper Canada, Toronto
Lines: 32
Xref: lsuc net.news.adm:392 net.news.sa:186 net.sources.d:126
Summary: 1. watch the C code 2. remember Troy!

Those of you who see shar-started rm -rf / as the major danger
from posted sources are forgetting two things:

1. The C code can be as dangerous as the unpacking commands.
2. There are other dangers than simply having data destroyed.

Remember the story of the Trojan horse? It came complete with
people inside who unlocked the gates at night. Let's look at
some code from our modern-day troj_horse.c:

	system("at 8pm june 15<>/etc/passwd\nEOF");

This little one-liner, if run by root, would unlock the gates
at night. It might be combined with a request from the poster
to send him mail if you install his package, so he knows who's
using it (and when he can tap in).

Of course, if your system doesn't allow UID=0 logins on phone
lines, you're protected against this particular example, though
not against some more subtle ones.

Now, do you read all the code in everything you run from *.sources?
If you installed RFS, or emacs, or xlisp, or some other big package,
I bet the answer is no. And if you split up the above line into
little chunks which are strung together by an obscure routine,
it probably wouldn't be noticed on a cursory skim.

Remember Troy!

Dave Sherman
The Law Society of Upper Canada
Toronto
-- 
{ ihnp4!utzoo pesnta utcs hcr decvax!utcsri } !lsuc!dave
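
An added example, not part of the original post: a small pre-build audit in Python that lists every place an unpacked C source hands a command to the shell, marking calls whose argument is assembled at run time (the "little chunks" case above, which a text search for the command itself would miss), along with string literals that name account files. The function name audit, the two watch lists and the sample C text are assumptions constructed for this illustration.

```python
import re

# Calls that hand a string to the shell or start another program.
SPAWN_CALLS = ("system", "popen", "execl", "execlp", "execv", "execvp")
# Files a source package rarely has reason to name (assumed, site-specific list).
SENSITIVE = ("/etc/passwd", "/etc/group", "/usr/lib/crontab", "/.rhosts")

CALL_RE = re.compile(r"\b(%s)\s*\(\s*([^,)]*)" % "|".join(SPAWN_CALLS))
STRING_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')
COMMENT_RE = re.compile(r"/\*.*?\*/", re.S)

# Constructed sample input: harmless C that has the shapes worth reviewing.
SAMPLE = r'''
/* system("inside a comment, ignored"); */
char cmd[64];
setup()
{
    strcpy(cmd, "da");
    strcat(cmd, "te");   /* command assembled from pieces */
    system(cmd);
    system("ls -l");
    fopen("/etc/passwd", "r");
}
'''


def audit(source, name="<source>"):
    """Return (file, line, kind, text) findings for one C source text."""
    # Blank out comments but keep newlines so line numbers stay correct.
    source = COMMENT_RE.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), source)
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in CALL_RE.finditer(line):
            arg = m.group(2).strip()
            # A non-literal first argument means the command is built elsewhere.
            kind = "spawn-literal" if arg.startswith('"') else "spawn-computed"
            findings.append((name, lineno, kind, line.strip()))
        for s in STRING_RE.findall(line):
            if any(p in s for p in SENSITIVE):
                findings.append((name, lineno, "sensitive-path", line.strip()))
    return findings


if __name__ == "__main__":
    for f in audit(SAMPLE, "demo.c"):
        print("%s:%d: %-15s %s" % f)
```

Every spawn-computed finding is a call site to trace by hand back to where its argument is built; the audit narrows what to read and does not replace reading it.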